Network security specialist job description

100% Remote

IT Coalition is seeking an Information Systems Security Officer (ISSO)/Senior Network Security Specialist with a focus in Information Assurance and Compliance to support the Treasury LAN Enterprise Service Program. The Senior Network Security Specialist is expected to have a strong IT Networking background and should be capable of lending subject matter expertise related to IA/Compliance/SA&A activities. The chosen candidate will demonstrate a strong knowledge of Security Requirement Analysis, Threat Modeling, Security Architecture and Design, Enterprise Security Program Assessment, evaluating Vulnerability Assessment results and perform other duties as required.

IT Coalition, Inc. is an information technology and consulting company focused on servicing the needs of the Federal Government. IT Coalition's mission is to apply earned expertise in information technology and information assurance/security to assist this client in achieving its mission. IT Coalition is located in Alexandria, VA and offers outstanding compensation and benefits plan and a challenging and rewarding professional work environment.

JOB RESPONSIBILITIES

• This position requires the candidate to act as a trusted consultant and offer security-related guidance on business processes, emerging technology and acquisitions, and vulnerability assessment/mitigation approaches.
• Conduct SA&A activities for Treasury systems working individually or as part of a team.
• Work with Treasury staff to provide technical and policy driven solutions to remediate or mitigate identified risks.
  • Support system personnel with remediation plans for SA&A findings.
  • Provide guidance as the Information System Security Officer (ISSO) on system documentation.
• Coordinate/conduct vulnerability scans and analyze results.
• Complete security assessment reports involving both technical and policy related aspects of the assessment.
• Perform compliance reviews, tracking, and continuous monitoring of newly submitted Security Authorization packages.

MINIMUM QUALIFICATIONS : All candidates must meet the following minimum requirements:

• 10+ years' experience in Information Assurance/Security Compliance including operation security responsibilities (reporting, auditing, logging, etc.). SA&A experience, preferred.
• Strong networking experience, including strong LAN expertise required. Prior experience as a Network Admin/Engineer, desired.
• Demonstrated experience in all phases of preparing and reviewing complete Security Authorization packages for information technology systems and/or applications as defined by the Federal Information Security Management Act of 2002 (FISMA) and implemented by the guidance of the National Institute of Standards and Technology (NIST).
• Prior experience as an ISSO, desired.
• Demonstrable experience:
  • Conducting SA&A activities to include the development and/or updates of System Security Plans, Contingency Plans, Privacy Impact Analysis, and e-Authentications.
  • Performing Security Test and Evaluation and developing Security Assessment Reports.
  • Delivering risk and vulnerability briefings confidently to management and government customers.
• Having experience with risk management analysis, Systems Engineering and any type of technical expertise is a plus (cloud, IdAM, encryption standards, etc).
• Knowledge of the formation and implementation of IT security policies to ensure confidentiality, integrity and availability of information systems.
• Strong technical writing and good interpersonal skills to be able to work with challenging clients.

REQUIRED QUALIFICATIONS: The following experience and qualifications are required:

• BS. or M.S. Degree in computer science or related field or related experience
• Capable of successfully obtaining a US Treasury Clearance

DESIRED: The following experience and qualifications are desired:

• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), GSLC, or comparable certification, preferred
• Expertise with COTS based security tools (i.e. Tenable Nessus, WebInspect, or AppDetective) used to establish security baselines and assess continuing compliance.
• Experience with Splunk, Burp, AppScan, ArcSight, etc.

Title:
Network Engineer/Security Specialist

KBR is looking for a Security Engineer/Analyst to support the Intelligence Community in Reston, VA.

Responsibilities:

• Provide Engineering and cyber risk assessments of communications-based hardware devices.
• Conduct technical characterizations and vulnerability assessments to identify characteristics, weaknesses and vulnerabilities of cyber based special communications solutions and technologies and present findings/observations to the end customer to include:
• Assess the cyber implications of digital based devices and applications in a range of operational environments
• Integrate applications on user equipment with a range of networks over a variety of media
• Configure networks and devices for end-to-end installation, testing, and assessments
• Work closely with customers and team members to help clarify, define and assess customer needs
• Perform forensic analysis of mobile devices (Android and iOS), and other electronic devices.
• Assess mobile, cloud infrastructure, and web-based applications for vulnerability, privacy and user attribution.
• Perform vulnerability analysis on wireless networks, including WIFI, cellular and Bluetooth.
• Identify, vet, and manage development of vendor submissions for cyber based communications solutions.
• Collaborate with all source analysts to develop technical threat assessments, combining analyst threat information with cyber vulnerabilities and characterizations to support communications plans then develop plans to resolve weaknesses and identify gaps in technical and operational capabilities
• Configure user cyber networks with user devices for end-to-end installation, testing, and assessments
• Design, deploy, and troubleshoot mid- and large-scale networks as well as an experimental lab network
• Develop plans and integrate applications on user equipment with a range of networks over a variety of media
• Work closely with Project Managers and team members assessing customer's implementation needs
• Provide infrastructure experience and systematic analysis to resolve or address device/network issues
• Develop plans to resolve weaknesses and identify gaps in technical and operational capabilities

Required Qualifications:

• 5-10 years designing, developing, integrating, testing and/or deploying secure information system solutions
• Experience with user equipment (to include mobile devices) application integration, system networking and performance optimization and data flow management across local, wide area and global networks
• Experience conducting cyber assessments to identify risks and vulnerabilities and providing executable corrective alternatives.
• Experience securing Android, iOS, OSX, VMware, Linux, and MS Windows systems
• Experience with penetration testing, reverse engineering and forensics of mobile (iOS, Android) device hardware, operating systems and applications.
• Experience using Kali Linux.
• Experience building and configuring wireless network technologies, including WIFI, Bluetooth, LTE and 5G cellular.
• Understanding of DoD and Intelligence community cybersecurity requirements.
• High level of self-motivation, desire to deliver stellar solutions and willingness to work in a distributed team environment
• Excellent interpersonal and customer service skills, strong troubleshooting and communication skills
• Ability to multi-task in a dynamic environment with changing priorities
• Prior experience performing static and/or dynamic software code analysis and working with red/blue security teams is a plus.
• Bachelor's degree from an accredited college or university in Network Engineering, Computer Security, Information Technology, computer science or engineering field with 10+ years technical/development experience
• Possess a vendor neutral security certification (e.g., Security+, CISSP)

Security Requirements: Must have an active TS/SCI clearance and a current POLY.

In compliance with the U.S. federal government's vaccine mandate, only candidates who are fully vaccinated for COVID-19 or have a reasonable accommodation or approved medical exception will be considered for this position.

KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.

NETWORK SECURITY DOCUMENTATION SPECIALIST - REMOTE


The Select Group is looking for a talented Network Security Documentation Specialist to join one of our top healthcare partners. This person will be responsible for documentation of the identified Network devices, data validation, and data collection. The ideal candidate will have experience with Network Security Devices (i.e., Palo Alto), strong customer service, and the ability to work in a fast-paced environment. This is a fully remote position, but preference is given to those in the Eastern time zone. If this sounds like a position you're interested in, apply today!


NETWORK SECURITY DOCUMENTATION SPECIALIST REQUIREMENTS

• Experience working with Network Security Devices, especially Palo Alto
  • Ability to document the physical and logical diagrams
  • Collect IP Tunnel information
• Strong customer service experience
  • Able to speak with internal clients to gather data based on the equipment they have
• Strong communication and ability to work in a fast-paced environment

NETWORK SECURITY DOCUMENTATION SPECIALIST RESPONSIBILITIES

• Documentation of the identified Network devices described below to include:
  • Visio Diagram (Physical and Logical Diagrams)
  • One page for each device to include:
  • Name
  • Location
  • Interface-ID
  • IP Address/Subnet Mask
  • DMZ - Zone Names
  • Connection Points
  • OOB/Console Info
  • Site Contact Information
  • Client will give access for login capabilities into VDIs
  • Devices in scope
  • Palo Alto - Panorama
  • Cisco ASA (Non-EDI and EDI)
  • Cisco Meraki
  • Routers
  • FortiGate
• Collection of data and contact information to include the following for the IP tunnels identified as necessary
  • Customer contact
  • Department name
  • Department email distribution list
  • Contact phone number
• Customers will include all of those identified for the identified tunnels which can span all time zones in the US
• Data validation
  • Confirmation of ownership information mentioned above or update to appropriate owner and applicable contact information
• Information will be delivered to designated contact as it is gathered